L3/switch routing issue?

2024-06-22 22:02:48 - last edited 2024-07-01 03:54:19
Model: TL-SG2218  
Hardware Version: V1
Firmware Version: 2.1

Team,

 

I'm struggling with the L3-switching/routing capabilities.

According to the specs this is expected to work for the given switch model.

Meaning there is no Omada router involved with large volumes of packets - like for example backups.

 

I'm running a test setup with an OpnSense router, TL-SG2218 v1.21 and TL-SG2210P v3.20.

The OpnSense router works as expected but requires lots of host resources.

The L3-switching/routing on both switches does not work.

 

The setup:

 

 

 

 

The details of the switch:

Management vlan: 192.168.139.0/24 with vlan 1

Client vlan: 192.168.111.0/24 with vlan 111

 

DNS: 192.168.139.235 | 192.168.111.235

Gateway:  192.168.139.246 | 192.168.111.246

 

Routing table in the switch:

0.0.0.0/0 next hop 192.168.2.254 distance 1

192.168.2.0/24 next hop 192.168.2.246 distance 0

192.168.111.0/24 next hop 192.168.111.246 distance 0

192.168.139.0/24 next hop 192.168.139.246 distance 0

 

The details of the switch and the client in vlan 111:

IP: 192.168.111.50 / 255.255.255.0

GW: 192.168.111.246

DNS: 192.168.111.235

DHCP: 192.168.111.246 (i.e. the switch)

 

If I start testing with these settings and tracert it works as expected from the switch.

But it doesn't from the client - tracert doesn't get beyond the switch to Box12 - let alone reaching a host on the internet.

While the IP address of Box12 (the KPN/ISP router) is in the client list!

 

Any suggestions? What am I overlooking here?

 

Below the test results.

 

The test results from the Omada switch:

tracert 192.168.2.246 gives: 1  ms     1  ms     1  ms

tracert 192.168.2.254 gives: 1  ms     1  ms     1  ms

tracert 1.1.1.2 gives:

1              192.168.2.254     10 ms     1  ms     1  ms

2              195.190.228.35     1  ms     1  ms     1  ms

3              *         *         *         Request timed out.

4              *         *         *         Request timed out.

5              141.101.65.109     1  ms     1  ms     1  ms

6              1.1.1.2          1  ms     1  ms     1  ms

 

Meaning the Omada switch is able to reach Box12 and the Internet (i.e. 1.1.1.2 - a DNS server from Cloudflare)

 

The test results on the client:

tracert 192.168.2.246 gives:  4 ms     3 ms     3 ms

tracert 192.168.2.254 gives:

  1     4 ms     3 ms     3 ms  192.168.111.246

  2     *        *        *     Request timed out.

  3     *        *        *     Request timed out.

  4     *        *        *     Request timed out.

  5     *  <etc – fails>

tracert 1.1.1.2 gives:

  1     2 ms     2 ms     5 ms  192.168.111.246

  2     *        *        *     Request timed out.

  3     *        *        *     Request timed out.

  4     *        *        *     Request timed out.

  5     *  <etc – fails>

 

Meaning the client is not able to get beyond the Omada switch - let alone reach Box12 and a host on the Internet (i.e. 1.1.1.2 - a DNS server from Cloudflare).

 

*** making it run like clockwork ***
Re:L3/switch routing issue?
2024-06-24 01:55:32

Hi @ITV 

Thanks for posting in our business forum.

Are you able to ping the gateway? 2.254 from the clients on the switch?

You probably need to think about the gateway as well. A proper Internet connection is not limited to the switch. Now that it has successfully accessed the switch gateway, it does not work when it forwards from the switch to the router; this part malfunctions. You should check your settings.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Re:L3/switch routing issue?
2024-06-24 06:01:56 - last edited 2024-06-24 06:10:49

  @Clive_A 

 

Thank you for the suggestion.

 

With the term settings I guess you mean the settings of the ISP-router?

Which kind of settings on the ISP-router are you thinking of?

 

Please note that:

(1) - The clients can ping all vlan interfaces of the switch. This includes the vlan interface attached to the port with the ISP-router.

(2) - The Omada switch itself can ping the ISP-router.

(3) - The clients connected to the switch can not ping the ISP-router.

 

 

Why are the pings to .2.254 working when coming from the switch?

And why not when coming from the clients connected to the same switch?

 

 

Cheers - Will

*** making it run like clockwork ***
Re:L3/switch routing issue?
2024-06-24 06:19:42 - last edited 2024-06-24 06:20:54

Hi  @ITV

Who's hosting the VLAN interfaces? Switch or the router? I mean the details of the VLAN interface and DHCP config.

Can the client ping 2.254 from the switch from a different subnet instead of 2.0/24?

Routings on the router and switch. And ACL settings if there are any.

 

If the clients from the switch can travel to the default gateway, from the default gateway it does not go any further into the router, that's strange and is the problem. I would think this is a problem with the router or the ACL. Not the switch.

Re:L3/switch routing issue?
2024-06-25 05:03:48 - last edited 2024-06-25 05:05:26

  @Clive_A 

 

The vlans are hosted by the switch - except (of course) the default one as it is always hosted by an Omada router.

Only when the Omada router is active clients can reach the Internet.

 

What does the Omada router do that makes this work?

Even when all user vlans are hosted by the switch?

Meaning within the controller all user vlans are configured as vlans - no interfaces.

 

*** making it run like clockwork ***
Re:L3/switch routing issue?-Solution
2024-06-25 06:05:42 - last edited 2024-07-01 03:54:19

Hi @ITV 

Thanks for posting in our business forum.

ITV wrote

  @Clive_A 

 

The vlans are hosted by the switch - except (of course) the default one as it is always hosted by an Omada router.

Only when the Omada router is active clients can reach the Internet.

 

What does the Omada router do that makes this work?

Even when all user vlans are hosted by the switch?

Meaning within the controller all user vlans are configured as vlans - no interfaces.

 

How to Set Up VLAN Interface on the Omada Router

In the note area, it explains the reasons.

Re:L3/switch routing issue?
2024-06-28 07:25:45

  @Clive_A 

 

Yesterday I finished the last test rounds and so far it is working as expected.

 

Meaning I was able to resolve this by replacing the KPN/ISP router with a Fritz!box model.

Besides replacing the Omada router with a basic L3 switch/router (i.e. the Omada SG2218).

 

The blocking issue was static routes on the KPN/ISP router: this was not supported.

Hence the replacement with a Fritzbox, static route support and the KPN/ISP profile.

 

At this time the switch is default gateway for all vlans (with Pihole/DNSMASQ as DHCP/DNS server).

The Omada router is doing nothing... no double NAT (NAT-ing is only on the Fritz!box)... switching it off... at least for now... :-)

 

Perhaps there will be a firmware version where the Omada routers have support for the KPN/ISP profile (i.e. IP-TV) - we will see.

 

*** making it run like clockwork ***
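
The return-path behaviour behind this thread, as an added example that is not part of any forum post: the switch table is the one posted in the first message, while both ISP-router tables are assumptions (a connected LAN plus a default route, then the same with static routes back to the switch). It models only the ping to 192.168.2.254, not NAT.

```python
import ipaddress

def lookup(table, dst):
    """Longest-prefix match: return the next hop of the most specific route."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), hop) for p, hop in table
               if addr in ipaddress.ip_network(p)]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]

SWITCH_IP = "192.168.2.246"
ISP_ROUTER_IP = "192.168.2.254"

# Routing table from the first post; distance-0 entries are the switch's own interfaces.
SWITCH = [
    ("0.0.0.0/0", ISP_ROUTER_IP),
    ("192.168.2.0/24", "connected"),
    ("192.168.111.0/24", "connected"),
    ("192.168.139.0/24", "connected"),
]
# Assumed ISP-router table without static route support (constructed).
ISP_NO_STATIC = [("0.0.0.0/0", "wan"), ("192.168.2.0/24", "connected")]
# Assumed table once static routes to the switch-hosted VLANs exist (constructed).
ISP_WITH_STATIC = ISP_NO_STATIC + [
    ("192.168.111.0/24", SWITCH_IP),
    ("192.168.139.0/24", SWITCH_IP),
]

def ping_isp_router(src, isp_table):
    """Follow an echo request from src to the ISP router and the reply back."""
    # Request: the switch forwards it because 192.168.2.0/24 is directly connected.
    if lookup(SWITCH, ISP_ROUTER_IP) != "connected":
        return "request dropped at switch"
    # Reply: the ISP router routes on the source address of the request.
    hop = lookup(isp_table, src)
    if hop == "connected":
        return "reply delivered on-link"
    if hop == SWITCH_IP and lookup(SWITCH, src) == "connected":
        return "reply delivered via switch"
    return f"reply lost: ISP router sends it to {hop}"

if __name__ == "__main__":
    for src, table in [(SWITCH_IP, ISP_NO_STATIC),
                       ("192.168.111.50", ISP_NO_STATIC),
                       ("192.168.111.50", ISP_WITH_STATIC)]:
        print(src, "->", ping_isp_router(src, table))
```
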